﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class DangNhap : System.Web.UI.Page
{
    SqlConnection con;
    DataTable dt = new DataTable();
    private string Connect = ConfigurationManager.ConnectionStrings["ketnoi"].ConnectionString;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["username"].ToString() != "")
        {
            Response.Redirect("Trang_Chu.aspx");
        }
    }
    protected void btndangnhap_Click(object sender, EventArgs e)
    {
        int t = TraVe_Quyen(txtUesrName.Text, txtPassWord.Text);
        if (t > 0)
        {
            Session["username"] = txtUesrName.Text;
            Session["Quyen"] = t;
            Session["pass"] = txtPassWord.Text;
            Response.Redirect("Dang_Nhap_Thanh_Cong.aspx");
        }
        else
        {
            lblErr.Text = "Đăng nhập thất bại";
            txtUesrName.Text = "";
        }
    }

    public int TraVe_Quyen(string UserName, string PassWord)
    {
        string sql = "Select TenDangNhap,MatKhau,Quyen from Dang_Nhap";
        con = new SqlConnection(Connect);
        con.Open();
        SqlCommand cmd = new SqlCommand(sql, con);
        SqlDataReader reader = cmd.ExecuteReader();
        while (reader.Read())
        {
            if (reader[0].ToString() == UserName && reader[1].ToString() == PassWord)
            {
                return int.Parse(reader[2].ToString());
            }
        }
        return 0;
    }

    
}
